rpms/policycoreutils
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
c3299a8a50
policycoreutils/tests/sepolicy-generate/runtest.sh
Petr Lautrbach 4b74ff6678 Add CI tests using the standard test interface 
The playbook includes Tier1 level test cases that have been tested in
the following contexts and is passing reliably on Classic.
Test logs are stored in the Artifacts directory.

The following steps are used to execute the tests using the standard test interface:

Classic
    sudo ANSIBLE_INVENTORY=$(test -e inventory && echo inventory || echo /usr/share/ansible/inventory) TEST_SUBJECTS="" TEST_ARTIFACTS=$PWD/artifacts ansible-playbook --tags classic tests.yml

It's based on
https://src.fedoraproject.org/rpms/policycoreutils/pull-request/1 from Merlin Mathesius <merlinm@redhat.com>
2017-12-21 17:11:01 +01:00

116 lines
4.6 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/policycoreutils/Sanity/sepolicy-generate
# Description: sepolicy generate sanity test
# Author: Michal Trunecka <mtruneck@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2013 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="policycoreutils"
rlJournalStart
rlPhaseStartSetup
rlRun "rlCheckRequirements ${PACKAGES[*]}" || rlDie "cannot continue"
rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
rlRun "pushd $TmpDir"
rlPhaseEnd
rlPhaseStartTest
rlRun "mkdir mypolicy"
rlRun "sepolicy generate --customize -p mypolicy -n testpolicy -d httpd_sys_script_t -w /home"
rlRun "grep 'manage_dirs_pattern(httpd_sys_script_t' mypolicy/testpolicy.te"
rlRun "rm -rf mypolicy"
rlPhaseEnd
rlPhaseStartTest
rlRun "mkdir mypolicy"
rlRun "touch /usr/bin/testpolicy"
for VARIANT in " -n testpolicy --admin_user -r webadm_r" \
" --application /usr/bin/testpolicy " \
" -n testpolicy --confined_admin -a firewalld " \
" -n testpolicy --confined_admin " \
" -n testpolicy --customize -d httpd_t -a firewalld " \
" -n testpolicy --customize -d httpd_t" \
" --dbus /usr/bin/testpolicy " \
" -n testpolicy --desktop_user " \
" --inetd /usr/bin/testpolicy " \
" --init /usr/bin/testpolicy " \
" -n testpolicy --newtype -t newtype_var_log_t " \
" -n testpolicy --newtype -t newtype_unit_file_t " \
" -n testpolicy --newtype -t newtype_var_run_t " \
" -n testpolicy --newtype -t newtype_var_cache_t " \
" -n testpolicy --newtype -t newtype_tmp_t " \
" -n testpolicy --newtype -t newtype_port_t " \
" -n testpolicy --newtype -t newtype_var_spool_t " \
" -n testpolicy --newtype -t newtype_var_lib_t " \
" -n testpolicy --sandbox " \
" -n testpolicy --term_user " \
" -n testpolicy --x_user "
# " --cgi /usr/bin/testpolicy "
do
rlRun "sepolicy generate -p mypolicy $VARIANT"
rlRun "cat mypolicy/testpolicy.te"
rlRun "cat mypolicy/testpolicy.if"
rlRun "cat mypolicy/testpolicy.fc"
if echo "$VARIANT" | grep -q newtype; then
rlAssertNotExists "mypolicy/testpolicy.sh"
rlAssertNotExists "mypolicy/testpolicy.spec"
else
rlRun "mypolicy/testpolicy.sh"
rlRun "semodule -l | grep testpolicy"
rlRun "semanage user -d testpolicy_u" 0-255
rlRun "semodule -r testpolicy"
fi
rlRun "rm -rf mypolicy/*"
rlRun "sleep 1"
if ! echo "$VARIANT" | grep -q newtype; then
rlRun "sepolicy generate -p mypolicy -w /home $VARIANT"
rlRun "cat mypolicy/testpolicy.te"
rlRun "cat mypolicy/testpolicy.if"
rlRun "cat mypolicy/testpolicy.fc"
rlRun "mypolicy/testpolicy.sh"
rlRun "semodule -l | grep testpolicy"
rlRun "semanage user -d testpolicy_u" 0-255
rlRun "semodule -r testpolicy"
rlRun "rm -rf mypolicy/*"
rlRun "sleep 1"
fi
done
rlRun "rm -rf mypolicy"
rlPhaseEnd
rlPhaseStartCleanup
rlRun "popd"
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd
Reference in New Issue View Git Blame Copy Permalink